Directed Identity and the '#' symbol
SitG Admin
sysadmin at shadowsinthegarden.com
Sun Apr 26 04:44:59 UTC 2009
>I believe the spec says that if the user were to enter a fragment,
>the RP should trim it off before sending the auth request to the OP.
I tried it here:
http://openidenabled.com/resources/openid-test/diagnose-server/
The output began with
Checking http://shadowsinthegarden.com/#generation...
Fetching http://shadowsinthegarden.com/#generation
I just checked Pibb, too; it recognized me. I ran the
openidenabled.com tests again, this time checking Apache's access.log
and comparing to what Pibb sent me there with; Pibb looked for my
OpenID headers at '/', but openidenabled.com specifically requested
'/#generation':
Identity authenticated as http://shadowsinthegarden.com/#generation
I'm currently using the openidenabled.com library; I can work around
that behavior for now, but will just make it a cheap kludge until I
know whether a future version will have a better (integrated)
solution.
-Shade
More information about the specs
mailing list